/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */


package daw.filtro;

import daw.bean.RolUsuario;
import daw.bean.Usuario;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.URL;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.swing.JOptionPane;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/**
 *
 * @author Luis
 */
public class Autorizacion implements Filter {

    private static final boolean debug = true;

    // The filter configuration object we are associated with.  If
    // this value is null, this filter instance is not currently
    // configured. 
    private FilterConfig filterConfig = null;

    public Autorizacion() {

    } 

    private void doBeforeProcessing(ServletRequest request, ServletResponse response)
	throws IOException, ServletException {
	if (debug) log("Autorizacion:DoBeforeProcessing");

	// Write code here to process the request and/or response before
	// the rest of the filter chain is invoked.

	// For example, a logging filter might log items on the request object,
	// such as the parameters.
	/*
	for (Enumeration en = request.getParameterNames(); en.hasMoreElements(); ) {
	    String name = (String)en.nextElement();
	    String values[] = request.getParameterValues(name);
	    int n = values.length;
	    StringBuffer buf = new StringBuffer();
	    buf.append(name);
	    buf.append("=");
	    for(int i=0; i < n; i++) {
	        buf.append(values[i]);
	        if (i < n-1)
	            buf.append(",");
	    }
	    log(buf.toString());
	}
	*/
    } 

    private void doAfterProcessing(ServletRequest request, ServletResponse response)
	throws IOException, ServletException {
	if (debug) log("Autorizacion:DoAfterProcessing");

	// Write code here to process the request and/or response after
	// the rest of the filter chain is invoked.
	
	// For example, a logging filter might log the attributes on the
	// request object after the request has been processed. 
	/*
	for (Enumeration en = request.getAttributeNames(); en.hasMoreElements(); ) {
	    String name = (String)en.nextElement();
	    Object value = request.getAttribute(name);
	    log("attribute: " + name + "=" + value.toString());

	}
	*/

	// For example, a filter might append something to the response.
	/*
	PrintWriter respOut = new PrintWriter(response.getWriter());
	respOut.println("<P><B>This has been appended by an intrusive filter.</B>");
	*/
    }

    /**
     *
     * @param request The servlet request we are processing
     * @param response The servlet response we are creating
     * @param chain The filter chain we are processing
     *
     * @exception IOException if an input/output error occurs
     * @exception ServletException if a servlet error occurs
     */
    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain)
	throws IOException, ServletException {

	if (debug) log("Autorizacion:doFilter()");

	doBeforeProcessing(request, response);
	
	Throwable problem = null;
    Usuario u;
    HttpServletRequest httpRequest;
    HttpSession session;
    String direccionDestino;
    String recurso;

	try {
        NodeList paginasMenu;
		String recursoMenu;
		int idxQueryStringMenu;
        boolean permitido;
        boolean direccionValida;
        int n;

        Node nodoArchivo;
        Node nodoPropiedad;
        NamedNodeMap atributos;
        RolUsuario rolUsuario;
        String nombreRolInvitado;


		httpRequest = (HttpServletRequest)request;
        session = httpRequest.getSession(true);
        u = (Usuario)session.getAttribute(getFilterConfig().getInitParameter("keyUsuario"));
		if(u==null){
			u = new Usuario();
			session.setAttribute(getFilterConfig().getInitParameter("keyUsuario"), u);
		}
		rolUsuario = u.getRolUsuario();
		nombreRolInvitado = getFilterConfig().getInitParameter("RolInvitado");
		if(rolUsuario==null){
			rolUsuario= new RolUsuario();
			rolUsuario.setNombre(nombreRolInvitado);
		}
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder parser = factory.newDocumentBuilder();
		String rutaMenu;
		rutaMenu = getFilterConfig().getServletContext().getRealPath("/WEB-INF/menu.xml");
        Document documentoMenu = parser.parse(new File(rutaMenu));
        //Comprobar que haya iniciado sesión
        //Comprobar si tiene permiso de acuerdo a su rol

        paginasMenu = documentoMenu.getElementsByTagName("archivo");
        direccionDestino = httpRequest.getRequestURI();
        recurso = direccionDestino.substring(getFilterConfig().getServletContext().getContextPath().length()+1);
        permitido = false;
        direccionValida = false;
        n = paginasMenu.getLength();
		//JOptionPane.showMessageDialog(null, recurso);
        for(int i=0; i< n; i++){
            nodoArchivo = paginasMenu.item(i);
            atributos = nodoArchivo.getAttributes();
            nodoPropiedad = atributos.getNamedItem("direccion");
            if(nodoPropiedad!=null){
                //response.getWriter().println(recurso);
                //response.getWriter().println("-");
                //response.getWriter().println(nodoPropiedad.getNodeValue());
                //response.getWriter().println("<br/>");
				recursoMenu = nodoPropiedad.getNodeValue();
				idxQueryStringMenu = recursoMenu.indexOf('?');
				if(idxQueryStringMenu>=0){
					recursoMenu = recursoMenu.substring(0, idxQueryStringMenu);
				}
                if(recurso.equalsIgnoreCase(recursoMenu)){
                    direccionValida = true;
                    nodoPropiedad = atributos.getNamedItem("roles");
                    if(nodoPropiedad!=null){
                        if(nodoPropiedad.getNodeValue().indexOf("{"+rolUsuario.getNombre()+"}")>=0){
                            permitido = true;
                        }else{
                            permitido = false;
                            if(rolUsuario.getNombre().equalsIgnoreCase(nombreRolInvitado)){
                                StringBuilder sb = new StringBuilder(httpRequest.getRequestURI());
                                if(httpRequest.getQueryString()!=null){
                                    sb.append("?");
                                    sb.append(httpRequest.getQueryString());
                                }
                                direccionDestino = sb.toString();
                                if(!direccionDestino.toUpperCase().contains("LOGIN")){
                                    session.setAttribute("login_reenvio", direccionDestino);
                                }
								
                                response.getWriter().println("Para acceder a este recurso debe <a href='" + getFilterConfig().getServletContext().getContextPath() + "/login/login.jsp'>iniciar sesión</a>");
                            }else{
		                        //response.getWriter().println("Rol de usuario: "+rolUsuario.getNombre()+"<br/>");
                                response.getWriter().println("No tiene permiso para acceder al recurso : "+direccionDestino);
                            }
                        }
                    }else{
                        permitido = true;
                    }
                }
            }
        }
        if(permitido || !direccionValida){
            File f = new File(getFilterConfig().getServletContext().getRealPath("/WEB-INF/menu.xml"));
            String m1 = rolUsuario.crearMenu(getFilterConfig().getServletContext().getContextPath(), f);
            ((HttpServletRequest)request).getSession().setAttribute("menu", m1);
            chain.doFilter(request, response);
        }else{
			/*
            if(!direccionValida){
                response.getWriter().println("Filtro: Recurso no existente");
            }
			 */
        }
	}
	catch(Throwable t) {
	    // If an exception is thrown somewhere down the filter chain,
	    // we still want to execute our after processing, and then
	    // rethrow the problem after that.
	    problem = t;
	    t.printStackTrace();
        t.printStackTrace(response.getWriter());
	}

	doAfterProcessing(request, response);

	// If there was a problem, we want to rethrow it if it is
	// a known type, otherwise log it.
	if (problem != null) {
	    if (problem instanceof ServletException) throw (ServletException)problem;
	    if (problem instanceof IOException) throw (IOException)problem;
	    sendProcessingError(problem, response);
	}
    }
    
    /**
     * Return the filter configuration object for this filter.
     */
    public FilterConfig getFilterConfig() {
	return (this.filterConfig);
    }

    /**
     * Set the filter configuration object for this filter.
     *
     * @param filterConfig The filter configuration object
     */
    public void setFilterConfig(FilterConfig filterConfig) {
	this.filterConfig = filterConfig;
    }

    /**
     * Destroy method for this filter 
     */
    public void destroy() { 
    }

    /**
     * Init method for this filter 
     */
    public void init(FilterConfig filterConfig) { 
	this.filterConfig = filterConfig;
	if (filterConfig != null) {
	    if (debug) { 
		log("Autorizacion:Initializing filter");
	    }
	}
    }

    /**
     * Return a String representation of this object.
     */
    @Override
    public String toString() {
	if (filterConfig == null) return ("Autorizacion()");
	StringBuffer sb = new StringBuffer("Autorizacion(");
	sb.append(filterConfig);
	sb.append(")");
	return (sb.toString());
    }

    private void sendProcessingError(Throwable t, ServletResponse response) {
	String stackTrace = getStackTrace(t); 

	if(stackTrace != null && !stackTrace.equals("")) {
	    try {
		response.setContentType("text/html");
		PrintStream ps = new PrintStream(response.getOutputStream());
		PrintWriter pw = new PrintWriter(ps); 
		pw.print("<html>\n<head>\n<title>Error</title>\n</head>\n<body>\n"); //NOI18N
		    
		// PENDING! Localize this for next official release
		pw.print("<h1>The resource did not process correctly</h1>\n<pre>\n"); 
		pw.print(stackTrace); 
		pw.print("</pre></body>\n</html>"); //NOI18N
		pw.close();
		ps.close();
		response.getOutputStream().close();
	    }
	    catch(Exception ex) {}
	}
	else {
	    try {
		PrintStream ps = new PrintStream(response.getOutputStream());
		t.printStackTrace(ps);
		ps.close();
		response.getOutputStream().close();
	    }
	    catch(Exception ex) {}
	}
    }

    public static String getStackTrace(Throwable t) {
	String stackTrace = null;
	try {
	    StringWriter sw = new StringWriter();
	    PrintWriter pw = new PrintWriter(sw);
	    t.printStackTrace(pw);
	    pw.close();
	    sw.close();
	    stackTrace = sw.getBuffer().toString();
	}
	catch(Exception ex) {}
	return stackTrace;
    }

    public void log(String msg) {
	filterConfig.getServletContext().log(msg); 
    }

}
